
Cns Unit-2

The document discusses symmetric key cryptography and various modern symmetric encryption schemes. It explains that symmetric key cryptography uses a shared secret key between the sender and receiver. It then describes block ciphers and stream ciphers as the two main types of modern symmetric encryption schemes. The document also provides details on common block cipher modes of operation like ECB, CBC, CFB, OFB, and CTR modes. It concludes with introductions to the DES and AES block ciphers.

Uploaded by

jayasree

SYMMETRIC ENCRYPTION
Symmetric Key Cryptography

• Also known as SECRET KEY, SINGLE KEY, PRIVATE KEY
• Sender and receiver already share a secret key
• Requires a solution to the key-distribution problem
• Symmetric key algorithms are also popular for file
encryption, where Encrypter = Decrypter
Modern Symmetric key Ciphers

Digital data is represented in strings of binary
digits (bits), unlike alphabets. Modern
cryptosystems need to process these binary
strings and convert them into another binary string.
Based on how these binary strings are
processed, symmetric encryption schemes can
be classified into
• Block Ciphers
• Stream Ciphers
Block Ciphers
In this scheme, the plain binary text is processed
in blocks (groups) of bits at a time; i.e. a block
of plaintext bits is selected, a series of
operations is performed on this block to
generate a block of cipher text bits. The
number of bits in a block is fixed. For
example, the schemes DES and AES have
block sizes of 64 and 128 bits, respectively.
Stream Ciphers
• In this scheme, the plaintext is processed one
bit at a time i.e. one bit of plaintext is taken,
and a series of operations is performed on it to
generate one bit of ciphertext. Technically,
stream ciphers are block ciphers with a block
size of one bit.
Block Cipher Modes Of Operation
A block cipher processes the data blocks of fixed size.
Usually, the size of a message is larger than the block
size. Hence, the long message is divided into a series
of sequential message blocks, and the cipher operates
on these blocks one at a time.
• Electronic Code Book (ECB) Mode
• Cipher Block Chaining (CBC) Mode
• Cipher Feedback (CFB) Mode
• Output Feedback (OFB) Mode
• Counter (CTR) Mode
Electronic Code Book (ECB) Mode
This mode is the most straightforward way of processing
a series of sequentially listed message blocks.
Operation:
• The user takes the first block of plaintext and
encrypts it with the key to produce the first block of
ciphertext.
• He then takes the second block of plaintext and
follows the same process with the same key, and so on.
Cipher Block Chaining (CBC) Mode
CBC mode of operation provides message dependence for generating
cipher text and makes the system non-deterministic.
Operation
• Load the n-bit Initialization Vector (IV) in the top register.
• XOR the n-bit plaintext block with data value in top register.
• Encrypt the result of XOR operation with underlying block cipher
with key K.
• Feed cipher text block into top register and continue the operation till
all plaintext blocks are processed.
• For decryption, the first ciphertext block is decrypted and the result
is XORed with the IV data. The first ciphertext block is also fed into the
register, replacing the IV, for decrypting the next ciphertext block.
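The ECB and CBC steps above as an added example (not part of the original slides). The block cipher is a toy 16-round Feistel construction on 64-bit blocks with a hash-based round function, assumed here only as a stand-in and not DES; the key, IV and plaintext are constructed sample values.

```python
import hashlib

BLOCK = 8                                      # 64-bit blocks, as in DES
KEY, IV = b"constructed-key", bytes(range(8))  # constructed sample values
PT = b"TRANSFER" * 3 + b"ACCT0042"             # constructed: 3 equal blocks + 1

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def round_f(half: bytes, key: bytes, rnd: int) -> bytes:
    # Toy round function (not the DES f): hash of round number, key and half.
    return hashlib.sha256(bytes([rnd]) + key + half).digest()[:4]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in range(16):
        left, right = right, xor(left, round_f(right, key, rnd))
    return left + right

def decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in reversed(range(16)):            # undo the rounds in reverse order
        left, right = xor(right, round_f(left, key, rnd)), left
    return left + right

def blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("whole blocks only; padding is out of scope here")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    return b"".join(encrypt_block(key, b) for b in blocks(pt))

def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    reg, out = iv, []                          # "top register" starts as the IV
    for b in blocks(pt):
        reg = encrypt_block(key, xor(b, reg))  # ciphertext block is fed back
        out.append(reg)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    cs = blocks(ct)
    prev = [iv] + cs[:-1]      # register holds the IV, then each previous ciphertext
    return b"".join(xor(decrypt_block(key, c), p) for c, p in zip(cs, prev))

def repeated_blocks(ct: bytes) -> int:
    return len(blocks(ct)) - len(set(blocks(ct)))

if __name__ == "__main__":
    print(repeated_blocks(ecb_encrypt(KEY, PT)), repeated_blocks(cbc_encrypt(KEY, IV, PT)))
```

Under ECB the three identical plaintext blocks produce three identical ciphertext blocks, so the repetition is visible without the key; under CBC the chaining hides it.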
Cipher Feedback (CFB) Mode
In this mode, each ciphertext block gets ‘fed back’ into the
encryption process in order to encrypt the next plaintext
block.
Operation
• The operation of CFB mode is depicted in the following
illustration. For example, in the present system, a message
block has a size ‘s’ bits where 1 < s < n. The CFB mode
requires an initialization vector (IV) as the initial random
n-bit input block. The IV need not be secret. Steps of operation
are −
• Load the IV in the top register.
• Encrypt the data value in top register with underlying
block cipher with key K.
• Take only ‘s’ number of most significant bits (left bits) of
output of encryption process and XOR them with ‘s’ bit
plaintext message block to generate cipher text block.
• Feed cipher text block into top register by shifting
already present data to the left and continue the operation
till all plaintext blocks are processed.
• Essentially, the previous cipher text block is encrypted
with the key, and then the result is XORed to the current
plaintext block.
• Similar steps are followed for decryption. Pre-decided IV
is initially loaded at the start of decryption.
Output Feedback (OFB) Mode

• It involves feeding the successive output blocks
from the underlying block cipher back to it.
These feedback blocks provide a string of bits to
feed the encryption algorithm, which acts as the
key-stream generator, as in the case of CFB mode.
• The key stream generated is XORed with the
plaintext blocks. The OFB mode requires an IV
as the initial random n-bit input block. The IV
need not be secret.
Counter (CTR) Mode

It can be considered as a counter-based version
of CFB mode without the feedback. In this
mode, both the sender and receiver need
access to a reliable counter, which computes a
new shared value each time a ciphertext block
is exchanged. This shared counter is not
necessarily a secret value, but the challenge is that
both sides must keep the counter
synchronized.
Operation:
• Load the initial counter value in the top register; it is the same for
both the sender and the receiver. It plays the same role as the IV
in CFB (and CBC) mode.
• Encrypt the contents of the counter with the key and place the
result in the bottom register.
• Take the first plaintext block P1 and XOR this to the contents of
the bottom register. The result of this is C1. Send C1 to the
receiver and update the counter. The counter update replaces the
ciphertext feedback in CFB mode.
• Continue in this manner until the last plaintext block has been
encrypted.
• The decryption is the reverse process. The ciphertext block is
XORed with the output of the encrypted contents of the counter value.
After decryption of each ciphertext block, the counter is updated as
in the case of encryption.
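The CFB, OFB and CTR steps above as an added example (not part of the original slides). These three modes only ever run the block cipher in the encrypt direction, so the sketch assumes a keyed PRF (HMAC-SHA256 truncated to n = 128 bits) as a stand-in for it; CFB uses s = 8, and the key, IV, counter start and message are constructed sample values.

```python
import hashlib
import hmac

N = 16                                          # register width n = 128 bits, in bytes
KEY, IV = b"constructed-key", bytes(range(N))   # constructed; the IV need not be secret
PT = b"constructed sample message for the keystream modes"

def E(key: bytes, block: bytes) -> bytes:
    # Stand-in for block-cipher encryption (assumption): HMAC-SHA256 cut to n bits.
    return hmac.new(key, block, hashlib.sha256).digest()[:N]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))   # zip trims a short final block

def cfb8(key: bytes, iv: bytes, data: bytes, decrypt: bool = False) -> bytes:
    reg, out = iv, bytearray()
    for byte in data:                           # s = 8 bits per step
        out.append(byte ^ E(key, reg)[0])       # leftmost s bits of the cipher output
        fed_back = byte if decrypt else out[-1] # always the ciphertext byte
        reg = reg[1:] + bytes([fed_back])       # shift left by s, append ciphertext
    return bytes(out)

def ofb(key: bytes, iv: bytes, data: bytes) -> bytes:
    reg, out = iv, bytearray()
    for i in range(0, len(data), N):
        reg = E(key, reg)                       # cipher output fed back, data-independent
        out += xor(data[i:i + N], reg)
    return bytes(out)

def ctr(key: bytes, counter0: int, data: bytes) -> bytes:
    out = bytearray()
    for n, i in enumerate(range(0, len(data), N)):
        keystream = E(key, (counter0 + n).to_bytes(N, "big"))  # counter replaces feedback
        out += xor(data[i:i + N], keystream)
    return bytes(out)

def demo() -> dict:
    ct = ctr(KEY, 1000, PT)
    return {
        "cfb": cfb8(KEY, IV, cfb8(KEY, IV, PT), decrypt=True) == PT,
        "ofb": ofb(KEY, IV, ofb(KEY, IV, PT)) == PT,
        "ctr_in_sync": ctr(KEY, 1000, ct) == PT,
        "ctr_off_by_one": ctr(KEY, 1001, ct) == PT,      # receiver counter drifted
        "ctr_block_2_alone": ctr(KEY, 1001, ct[N:2 * N]) == PT[N:2 * N],
    }

if __name__ == "__main__":
    print(demo())
```

A receiver whose counter has drifted by one recovers nothing, while a receiver that knows the right counter value for a block can decrypt that block on its own, because CTR has no feedback between blocks.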
DES Introduction:
• The Data Encryption Standard (DES) is a
symmetric-key block cipher published by the
National Institute of Standards and Technology
(NIST).
• DES is an implementation of a Feistel cipher. It
uses a 16-round Feistel structure. The block size is
64 bits. Though the key length is 64 bits, DES has an
effective key length of 56 bits, since 8 of the 64 bits
of the key are not used by the encryption algorithm.
Since DES is based on the Feistel Cipher, all that
is required to specify DES is −
• Round function
• Key schedule
• Any additional processing − Initial and final
permutation
Initial and final permutation
The initial and final permutations are
straight permutation boxes (P-boxes)
that are inverses of each other. They
have no cryptographic significance in
DES.
Round Function
• The heart of this cipher is the DES function, f. The
DES function applies a 48-bit key to the rightmost 32
bits to produce a 32-bit output.
Key Generation

• The round-key generator creates
sixteen 48-bit keys out of a 56-bit
cipher key.
